I am trying to get a set of containers to work together with a OpenVPN-client. I used this as a template and build my own container (on a Raspberry Pi, so i cannot use the prebuilt image right away). So far it works like a charm, using the docker-compose configuration below i create the VPN connection in one container and attach to that with the second container. The second container also uses the VPN as it should (tested by getting the public IP with docker exec).
The problem is: the second container has a web-frontend and normally i would just expose it's port to the public and access it. in this case this is not possible. dperson writes that you need to use a nginx reverse proxy to access this, but that seems overly complicated, i do not need a reverse proxy to forward a specific URL to a port, i only need to export the port. Or to forward the port from openvpn-client to other-service. Also - what if that port is not HTTP/S but - an openSSH server or something like that - then i am lost with an nginx reverse proxy anyway.
just - i cant get it to work and i have no idea how to correctly configure this.
additional info: i think i do not need to specify the "vpn" network, but i think it does not do any harm, too.
docker-compose.yml
version: "2"
networks:
vpn:
driver: bridge
ipam:
driver: default
config:
- subnet: 10.42.42.0/24
gateway: 10.42.42.1
services:
openvpn-client:
image: openvpn-client
# ... more configuration here ...
cap_add:
- net_admin
devices:
- /dev/net/tun
networks:
vpn:
ipv4_address: 10.42.42.2
# ports exposing, those are the ports from other-service
ports:
- 1234:1234
restart: unless-stopped
other-service:
# ... some other settings ...
network_mode: "service:openvpn-client"
# ports does not work with network_mode service
# ports:
# - 1234:1234
depends_on:
- openvpn-client
restart: unless-stopped
